{"id":438,"date":"2020-07-13T15:10:15","date_gmt":"2020-07-13T09:40:15","guid":{"rendered":"https:\/\/tech9labs.com\/blog\/?p=438"},"modified":"2020-07-13T15:10:18","modified_gmt":"2020-07-13T09:40:18","slug":"list-of-cybersecurity-technologies-in-the-public-cloud","status":"publish","type":"post","link":"https:\/\/tech9labs.com\/blog\/2020\/07\/13\/list-of-cybersecurity-technologies-in-the-public-cloud\/","title":{"rendered":"List of cybersecurity technologies in the Public Cloud"},"content":{"rendered":"<p><em>Below is\na list of security controls and technologies for protecting assets in a\nhybrid and multi-cloud environment. Companies should implement these\ntechnologies when they start migrating workloads to the public, multi-cloud\nenvironment.<\/em><\/p><p><strong>\u201c99% of cloud Security failures are the Customer\u2019s Fault.\u201d- Gartner<\/strong><\/p><ol class=\"wp-block-list\"><li><strong>Identity and access management\n(IDAM)<\/strong><\/li><\/ol><p>IDAM is a critical requirement\nin a public cloud environment. The majority of enterprises will adopt cloud-native\nidentity and access management or implement a cloud access security\nbroker (CASB) from a third party. These technologies prevent sensitive data from\nbeing exfiltrated from your environment by risky insiders or malicious\ncybercriminals who have breached your perimeter. Organisations should implement\na cloud-based IAM solution and extend it to manage on-prem or multi-cloud\nenvironments. A cloud-based IAM solution or a third-party access management solution\nadds multifactor and behaviour-based access control and\nauthentication mechanisms.<\/p><ol class=\"wp-block-list\" start=\"2\"><li><strong>Cloud Data Encryption<\/strong><\/li><\/ol><p>All CSPs offer native\nencryption of data at rest and in motion. Organisations can implement this\nbased on cost, performance and regulatory compliance. 
CSPs charge for\nencryption services, so identify the critical systems that hold PII or other\nimportant information and implement encryption for selected apps, databases and object storage.\nCompanies should also choose a key management model from\nthree options: i) the CSP manages the keys, ii) the keys are stored on-prem, or iii)\na third party manages the keys.<\/p><ol class=\"wp-block-list\" start=\"3\"><li><strong>Perimeter Security<\/strong><\/li><\/ol><p>The choice of perimeter network security depends\non the cloud deployment model, i.e. whether traffic is routed only through the on-prem\ndata centre, in parallel through on-prem and directly from the Internet, or all\nnetwork traffic for employees and customers arrives from the Internet and then\nmoves to the on-prem data centre or to a multi-cloud deployment\narchitecture. Companies can use either native or third-party perimeter network\nsolutions, which have matured over the last few decades. Enterprises can also\nimplement \u201czero-trust\u201d models, a game-changing alternative in which the concept of\nperimeter ceases to exist, because rapid cloud adoption in the form of IaaS,\nPaaS and SaaS means the majority of traffic is now outside the enterprise\nperimeter. Depending on its global presence, a company can implement geographical\nfencing and restrict traffic from locations where it does not\noperate and does not expect any customers to connect.<\/p><ol class=\"wp-block-list\" start=\"4\"><li><strong>Host Defence<\/strong><\/li><\/ol><p>Organisations need to harden the image and\ninstall antivirus, anti-ransomware and HIPS. This should be complemented by\nenabling the WAF and other controls such as DDoS and API protection. Companies\nshould also take care of real-time patch management, or implement\nvirtual patching where real-time\npatching proves difficult. 
A vulnerability assessment tool should be used to\nfind vulnerabilities caused by weak coding practices, application\nvulnerabilities, system shortfalls and misconfigurations. Companies can use\nnative compliance controls such as AWS Inspector, AWS CloudWatch, AWS CloudTrail,\nAzure Application Insights, Azure Monitor, Azure Security Center etc.<\/p><ol class=\"wp-block-list\" start=\"5\"><li><strong>Application Security<\/strong><\/li><\/ol><p>Developer teams should control access to the\ncloud by implementing a governance mechanism, as the cloud makes\napp development extremely easy for the software development team. Enterprises should define\nsecurity configuration standards for cloud-based applications and try to\nenforce them in the cloud with tools or templates, or configure them\nmanually. Companies can implement Cloud Security Posture Management (CSPM) and\nmanage SaaS applications by integrating closely through APIs or natively.\nCompanies should prepare a best-practices process for developing apps on the\ncloud and make sure developers follow the standards. This should be\nmonitored closely through automatic audits and other controls.<\/p><ol class=\"wp-block-list\" start=\"6\"><li><strong>Operational and Security Monitoring<\/strong><\/li><\/ol><p>Companies should implement a security information\nand event management (SIEM) tool. If a company already has one in place for its\non-prem environment, it should integrate CSP events, audit logs,\noperational and security events and insights with the on-prem SIEM solution to\ncreate a single view and monitor for any exceptions. Customers without an on-prem or\nhybrid environment should use a cloud-native or third-party cloud solution. 
CSPs are developing solutions for SIEM and operational\nmonitoring and fortifying them with machine learning,\ndata analytics, threat intelligence and end-user behaviour analytics.<\/p><ol class=\"wp-block-list\" start=\"7\"><li><strong>End User Assets<\/strong><\/li><\/ol><p>Customers will need to review and implement\nclient endpoint security and incorporate changes to include protection in\nthe cloud. Moving workloads to the cloud will make Data-Leak Prevention (DLP)\nredundant, and organisations should review the efficacy of their DLP after the cloud\nmove. Enterprises will have to change DLP to support workloads in the\ncloud. Companies can implement a cloud-ready DLP system that runs and\ninteroperates in a cloud-first, borderless environment. Current signature-based\nantivirus and malware prevention tools will also have to be adjusted for the\nhybrid or multi-cloud environment. Companies should review and replace legacy\nand conventional AV and application control solutions and adopt next-gen AV with\nbehavioural analysis (machine learning) capability and EDR solutions, which\nadd capability against file-less, living-off-the-land (LotL) and\nransomware attacks.<\/p><p><strong>A few other points to understand and\ntake care of while transitioning and migrating your workloads:<\/strong><\/p><ul class=\"wp-block-list\"><li>Understand the shared responsibility model. You will still be liable for what occurs within your network and in your application.<\/li><li>Implement security at every level of your deployment.<\/li><li>Take a risk-based approach for securing your assets used in the cloud and extend security to the devices.<\/li><li>Implement multifactor authentication for all accounts accessing sensitive data or systems.<\/li><li>Turn on encryption wherever you can. 
This can easily be enabled for object-based storage etc.<\/li><li>Review and rotate access keys and credentials.<\/li><li>Proactively classify information and apply access control integrated with next-gen DLP.<\/li><li>Employ a multi-cloud strategy to avoid vendor lock-in.<\/li><\/ul><p>The technical controls above are the primary ones,\nnot a final list of all security controls; organisations should\nimplement additional controls according to the importance of their workloads, budget\nand the complexity of implementation involved. More technology controls will\nbring more complexity and higher cost, which should be matched against\nbusiness risks and aligned with business priorities and regulatory controls.\nCompanies should not only think about current applications and their\nrequirements but also consider the future road map and overall cloud strategy\nwhen defining and implementing these technologies and controls.<\/p><p><strong>\u201c90% of the organisations that fail to control\npublic cloud use will inappropriately share sensitive data of the company\u201d-\nGartner<\/strong><\/p>","protected":false},"excerpt":{"rendered":"<p>There is a list of security controls and technologies for protecting the assets in the hybrid and multi-cloud environment. 
Companies should implement these technologies while they start the migration of&#8230;<\/p>\n","protected":false},"author":2,"featured_media":439,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[98,24],"tags":[106,107,117,105,115,116],"class_list":["post-438","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-information-security","category-tech","tag-cloud-security","tag-hybrid-cloud","tag-mutli-cloud-environment","tag-public-cloud","tag-public-cloud-security","tag-security-controls"],"_links":{"self":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts\/438","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/comments?post=438"}],"version-history":[{"count":1,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts\/438\/revisions"}],"predecessor-version":[{"id":440,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/posts\/438\/revisions\/440"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/media\/439"}],"wp:attachment":[{"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/media?parent=438"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/categories?post=438"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tech9labs.com\/blog\/wp-json\/wp\/v2\/tags?post=438"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}